In message <[EMAIL PROTECTED]>, Kris Kennaway writes:
>Sorry I've been ignoring this; I'm still getting caught up from my
>vacation. Niels, how has OpenBSD handled this?
Not. We have the same problem. I argue that the test is bogus.
First of all, if we are getting a SYN for this 4-tuple, it is very
likely that all segments from the old connection have left the
network.
The current code does not deal with wrap around either.
On the other hand, there are already a number of operating systems
that use randomized ISNs. Linux has been doing this for quite some
time. As a result, we can not rely on monotonely increasing ISNs
anyway.
Niels.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
